The fear of targeted cyber attacks on the energy infrastructure can be felt in the industry. For example, the Eon Group, which operates the largest electricity distribution network in Germany, is observing increasing attacks on the digital infrastructure parallel to the Russian invasion on the ground. “We have increased our detection and response capabilities,” Eon said. But could Russian hackers actually switch off the power supply in Germany?
IT experts warn against inadequate protective measures. “Perspectively, Germany is not adequately prepared for cyber attacks on renewable energy systems. Wind turbines and solar energy companies can be affected as a result,” says Sadaf Momeni, IT security consultant at Ginkgo Cybersecurity GmbH. In her experience, Momeni warns that to access many different wind and solar systems, only one password is often used instead of several different ones.
Lothar Renner, EMEAR Managing Director for security at the US technology group Cisco, also sees problems: “Many industrial companies still use old, proprietary protocols” – i.e. solutions that are only used by this company. If an attacker finds out how data exchange works within such companies, there are hardly any experts who could take action against an attack.
Top jobs of the day
Find the best jobs now and
be notified by email.
In the current threat landscape, outdated systems can be particularly problematic. Hans-Walter Borries is Deputy Chairman of the Board of the Federal Association for the Protection of Critical Infrastructures and believes: “It is realistic that Russian hackers will try to attack our energy system.” Borries is also a lecturer at the University of Witten/Herdecke and a reserve officer in the German Armed Forces.
Control rooms as a sensitive target
According to Borries, there are a few places in Germany that are particularly in need of protection, which are essential for a functioning power supply and which would be “worthwhile targets” from a hacker’s point of view. On the one hand, there are the central control rooms of the large transmission system operators in Germany. At these points, the operators keep electricity generation and consumption in balance. The power supply only works reliably when the frequency in the grid is close to its target value of 50 Hertz. On the other hand, if too much or too little electricity flows into the grid, power failures can occur.
“Someone who gains control of a central control room could disrupt Europe’s energy supply in the long term,” warns Borries. “In a military conflict, such areas would probably be the first to be attacked.”
Transmission system operators such as Tennet or 50Hertz are currently not commenting on the protection of such critical components. In view of the developments in Ukraine, the subject seems too risky for them to provide any further information. 50Hertz only states that the company is taking precautions to protect facilities and staff.
Tennet states that it keeps its own systems up to date at all times and carries out dedicated risk management. In addition, the power generation is designed redundantly. So there are backup connections and components for emergencies.
>> Listen here: Handelsblatt Green Podcast: How secure is our power supply?
However, Fabian Potratz, Chief Technology Officer of the start-up Envelio, which specializes in digital power grid management and has been majority-owned by Eon for several months, gives indications of how well the power grid is protected against cyber attacks. Portratz explains that his start-up had to obtain information security certification. This is checked annually, although his start-up is not part of the control system.
Endangered radio signals
Even if an attacker were to hack the start-up Envelio, he would not be able to access the power control systems from there, because the network operator’s office IT is strictly separated from the control of the networks. But: “Without a security mindset, you won’t get far in the industry,” says Potratz. “The network operators take that very seriously.” Potratz even considers a classic physical attack on the control centers to be more promising than a cyber attack.
However, expert Borries names another potential target: the so-called radio ripple control transmitters of the European radio ripple control GmbH (EFR). There are three such stations across Europe – two of them in Germany and one in Hungary. They can send long-wave signals over 500 kilometers and enable power grid operators to control wind and solar parks as well as combined heat and power systems – and, if necessary, to prevent them from feeding electricity into the grid.
An attacker who gains access to the transmitters could repeatedly take wind and solar systems off the grid, says Christoph Sorge, a professor at the Chair of Legal Informatics at Saarland University. In fact, the Federal Office for Information Security confirms: “Should an attacker gain control of the radio ripple control system, it cannot be ruled out that the attacker will cause these systems to stop feeding in.”
According to concern, attackers would have to look for weaknesses in the transmitter or receivers. He says: “Both are probably not easy, but I wouldn’t rule them out.”
More: Russia’s economy: The sanctions are hitting the country with full force